Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Map mounting user to multipass automatically #331

Closed
Saviq opened this issue Aug 9, 2018 · 1 comment
Closed

Map mounting user to multipass automatically #331

Saviq opened this issue Aug 9, 2018 · 1 comment
Assignees
@Saviq
Labels
enhancement good first issue
Milestone
2018.12.1

Comments

@Saviq
Copy link
Collaborator

Saviq commented Aug 9, 2018

When mounting into instances, we need to automatically map from the mounting user to the multipass user. Otherwise permissions over the mounts will be all over the place.

We already allow --uid-map, --gid-map set to arbitrary values so there's no more of a security concern here. Giving access to multipass means giving root access to the filesystem.
@Saviq Saviq added this to the 2018.10.2 milestone Oct 5, 2018
@Saviq Saviq self-assigned this Oct 5, 2018
bors bot added a commit that referenced this issue Oct 5, 2018
@bors @Saviq
Merge #433
3dd85ff 
433: Map mounting user's uid/gid by default (Fixes #331) r=townsend2010 a=Saviq



Co-authored-by: Michał Sawicz <[email protected]>
@Saviq
Copy link
Collaborator Author

Saviq commented Oct 5, 2018

Fixed by #433

@Saviq Saviq closed this as completed Oct 5, 2018
@Saviq Saviq mentioned this issue Dec 20, 2018
Merged
bors bot added a commit that referenced this issue Dec 20, 2018
@bors
Merge #551
f15e279 
551: Release 2018.12.1 r=townsend2010 a=Saviq

### Highlights

- On Linux, suspending/resuming the instance to/from disk is now supported. (#374)
- Better handling of delayed shutdown including posting `wall` messages to logged in users and allowing log ins to the instance unless 1 minute or less remains until shutdown. (#461, #50) 
- On Linux, all CPU flags should be passed into the running instance on newly created instances. (#516)
- Fixed some races around mount handling. (#514, #520)

### Bugs fixed:

- make the recover command idempotent (#528)
- explicitly stop mounts when deleting an instance to avoid a race (#520)
- be smarter about what group owns the multipass socket (#513, #523) 
- pass through all CPU flags when launching QEMU or libvirt instances (#516)
- use `info` log level for metrics issues (#515)
- fix potential race when starting a mount (#514)
- use `wall` shutdown messages for users logged into VM when delayed shutdown is initiated (#501)
- fix crash if exception during daemon start up (#487)
- refactor CLI code (#468)
- add default uid/gid mapping (#331)
- fix file metadata passthrough
- display uid/gid maps in info command (#439)
- add support for the suspend command (#374)
- shell to machine in delayed stop state (#461)
- improve uid/gid validation (#479)
- avoid leaking the libvirt bridge (#327, #413)
- add a restart command (#217)
- upgrade 3rd-party versions (#471)

Co-authored-by: bors[bot] <bors[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Saviq Saviq

Labels
enhancement good first issue
Projects
None yet
Milestone
2018.12.1
Development

No branches or pull requests
1 participant
@Saviq